[10] A. Gandre. Implementation of a policy-based intrusion detection system generic intrusion detection model (GIDEM version 1.1). Master of Science Thesis. Computer and Information Science and Engineering. University of Florida, Gainesville, FL, 2001. [11] G. Helmer, J. Wong, V. Honavar and L. Miller. Automated discovery of concise predictive rules for intrusion detection. Department of Computer Science, Iowa State University, Ames, IA, 2001. [12] K. Illgun, R. A. Kemmerer and A. Porras. State transition analysis: A rule-based intrusion detection approach. In IEEE Transactions on Software Engineering, Vol. 23, No.3, pages 181-199, March 1995. [13] A. K. Jones and R. S. Sielken. Computer system intrusion detection: A survey. Department of Computer Science Technical Report CS-99-17, University of Virginia, Thornton Hall, Charlottesville, VA 1999. [14] J. Kim and P. Bently. The human immune system and network intrusion detection. Department of Computer Science, University College London, Great Britain, 1999. [15] C. Krugel and T. Toth. Sparta A security policy reinforcement tool for large networks. Distributed Systems Group, Technical University Vienna, Argentinierstrasse 8, A-1040 Vienna, Austria. 2001. [16] W. Lee and S. J. Stolfo. Data mining approaches for intrusion detection. In Proceedings of the 7th USENIX Security Symposium, USENIX, pages 79-84, San Antonio, TX, January 1998. [17] E. Nemeth, G. Snyder, S. Seebass and T. R. Hein. UNIX system administration handbook, 3rd Edition, Upper Saddle River, New Jersey, Prentice Hall. [18] S. Patton, W. Yurcik, D. Doss. An Achilles' heel in signature-based IDS: squealing false positives in Snort, 2001. WWW page at: http://www.raid- symposium.org/raid2001/papers/patton_yurcikdossraid2001 .pdf (accessed August 2002). [19] P. A. Porras and P. G. Neumann. EMERALD: Event monitoring enabling responses to anomalous live disturbances. Computer Science Laboratory, SRI International, 333 Ravenswood Avenue, Menlo Park, CA 94025-3493. WWW page at http://www.sdl.sri.com/projects/emerald/emerald-niss97.html. (accessed August 2002) [20] M. Roesch. Snort: The open source network intrusion detection system, 2000. WWW page at http://www.snort.org (accessed January 2002)